A supposed copy of a stolen database from auction website eBay, said to contain the personal data of millions of users, including Singaporeans, has come up for sale online.
Get the full story from The Straits Times.
Cyber criminals steal eBay data
By Kenny Chee
Customers of auction site eBay in Singapore could be getting spam mail about prizes they have supposedly won or auction items they never bid on because of a major data breach of eBay's corporate network that the site revealed on Wednesday.
Singapore's Personal Data Protection Commission (PDPC) said people who believe their information has been stolen should lodge a report with the police to determine if an offence has been committed under the Computer Misuse and Cybersecurity Act. The commission told The Straits Times yesterday that it was "monitoring the situation closely".
Cyber criminals stole eBay customers' personal data, including names, encrypted passwords, phone numbers, e-mail addresses, home addresses and dates of birth.
eBay said on its corporate website that customers' financial or credit card details were not accessed. Account data from its online payment subsidiary PayPal were unaffected, too.
However, the company advised all customers to change their eBay passwords, which should not be the same as those for other online accounts.
It did not say exactly how many people were affected, but the firm said a large number of accounts might have been compromised, and it was "applying additional security" to protect customers.
The theft occurred between late February and early March, but eBay found out only about two weeks ago.
In the first quarter of this year, eBay had 145 million active buyers globally. In 2007, reports said the local version of eBay had over 16 million page views a month and more than 4,000 sellers.
The PDPC and Infocomm Development Authority of Singapore have not received any complaints over the eBay incident as of 6pm yesterday.